Cyberespionage is a Real Threat. Here’s Why.

By: ARRC

September 12, 2017

You may think the word “cyberespionage” is straight from a science-fiction novel, but it’s a real thing in this day and age. Hackers are using malware to try and target government officials of other countries in order to gain access to national security files and data.

One of the latest reports indicates that a Chinese government hacker group appears to be peppering Vietnamese bureaucrats with phishing emails in attempts to gain advantage in upcoming trade talks.

A country like China sending out scattershot attempts to spy on foreign government computers is commonplace, experts say. But the Chinese assault on Vietnamese officials, detailed in a report by US cybersecurity firm FireEye, offers a reminder of how cyberespionage has become an everyday tactic across the world as nations search for ways to gain economic and strategic advantage in relations of all types.

China is regarded as one of the most aggressive nations in the world when it comes to economic espionage, with several dedicated government groups and untold thousands of employees. In 2014, the US government indicted five members of China’s People’s Liberation Army for hacking crimes against US targets, including companies such as Westinghouse and US Steel.

Chinese targeting of US companies has dropped since — Chinese President Xi Jinping and then US President Barack Obama agreed in 2015 that neither country would attempt to steal private companies’ business secrets.

But that doesn’t mean China has decreased its efforts against other nations, as the FireEye report makes clear.

FireEye’s report focuses on a pair of Microsoft Word documents that appear tailored as “lures” — emailed files that encourage recipients to download them in phishing attacks, but which secretly contain malware that attacks a user’s computer or network.

One of the documents concerns the Regional Comprehensive Economic Partnership, a proposed trade agreement between 16 countries along the Pacific Ocean. The other purports to be a strategic plan for the Asia-Pacific Economic Cooperation, a forum that encourages trade around the region. But they aren’t the only indication of China’s interest in Vietnam.

Both the lures contain malware exploits of Microsoft Word, a common tactic against computers that either run pirated versions of Microsoft Office or versions that haven’t been updated.

Once deployed, the malicious software can relay back to its author what it sees on the victim’s computer, such as a profile of its files and the names of connected networks. It also can be used to load additional malware. With enough successful attacks, whoever’s behind the phishing attempt can map a comprehensive look at a foreign government’s intentions.

There’s no telling if these particular efforts were successful. FireEye found the lures after a would-be victim uploaded them to VirusTotal, a Google-owned company that allows anyone to submit potentially malicious files to be scanned for known malware, which in turn helps create an ongoing repository of new threats.

Vietnam competes with China on a number of fronts, including for oil and natural gas deposits in the South China Sea.

Vietnam is clearly aware of the threat. Vietnamese President Tran Dai Quang recently gave a speech highlighting cybersecurity, saying that his country had seen a rise in attempts to steal state secrets.